Information Security News mailing list archives
New email virus spams mobile phone users
From: William Knowles <wk () C4I ORG>
Date: Tue, 6 Jun 2000 12:02:05 -0500
http://news.cnet.com/news/0-1005-200-2026192.html?tag=st.ne.1002.tgif.ni By Evan Hansen Staff Writer, CNET News.com June 6, 2000, 12:05 p.m. PT Update: Mobile phone customers are being targeted by a new computer virus that Internet security experts said is the first of its kind. The virus, called "Timofonica," is reported to be "in the wild" in Spain, where customers of the phone company Movistar have been hit with annoying computer-generated phone calls, according to the antivirus firm Kaspersky Lab. The virus type, known as a worm, targets phones that use the European GSM mobile standard. Security experts said the virus is the first to hit mobile phones, although they emphasized that the worm is propagated by computer and not via the telephone system. They also said the attack is relatively benign, as it does not destroy computer files but merely delivers a message disparaging the Spanish telephone company Telefonica. "It's an annoying message type," said Chris Vargas, president of F-Secure, an Internet security firm that also reported the worm this morning. "The virus' purpose is to propagate a harmless message." Like the notorious "I Love You" virus that spread quickly through corporate computer systems across the globe last month, the Timofonica virus was written using Microsoft's VBScript programming language. Also like the Love bug, Timofonica spreads via email by sending infected messages from affected computers. The worm sends itself to all addresses that are stored in a person's address book. "We believe the worm originated in Spain," Varga said. "The message is in Spanish, and the message is directed at a Spanish operator." In addition, the worm sends a message to a so-called short messaging service (SMS) gateway that converts text messages to voice and sends them to mobile phone users. The worm randomly generates phone numbers targeting the "corio.movistar.net" SMS gate. Every time the worm is forwarded to a new address, it sends a new SMS message to a randomly selected number, thus bombarding people with SMS messages. Timfonica isn't the first virus to attack telephones. Earlier this year, a phone virus hit 911 systems in Texas. During the I Love You rampage, some fax machines began spitting out harmless pages of code, thanks to email-to-fax services. While today's attack may be relatively benign, it points to the potential for more serious mischief as voice and data as well as mobile and fixed communications systems become more entwined. Most large Web companies are already looking to offer wireless and voice services to augment the predominantly PC-based Internet entry point. Because viruses have the potential to reach every point in the network, the risk of serious infection increases as the network grows. Security experts said that viruses targeting phones and wireless handheld devices aren't likely to pose a major threat any time soon, however. Dan Schrader, chief security analyst at Trend Micro, acknowledged that some wireless devices, such as PalmPilots, are powerful computers in their own right and pose a theoretical risk of increasing the spread of viruses. But he said traditional computer networks are the most vulnerable to viruses and are likely to remain so despite growing network convergence. Schrader pointed to several factors likely to mitigate viruses that jump off computers to attack other parts of a network. The culture of virus writers, he said, leads them to attack the most widely adopted technologies, making Microsoft's personal computing software the primary target for now. "Theoretical security problems don't always materialize in the real world," he said. "For example, we have identified the potential to create Java applet viruses, but two years later, we have yet to see one." In addition, he said, writing viruses that will run on multiple platforms is next to impossible, meaning that wireless breakouts will be quarantined over divergent operating systems and hardware. Schrader said that today's attack could point to new ways of protecting against future viruses. "The use of desktop antivirus software has proven to be a failure," he said, noting that new viruses often spread before antidotes can be posted. Schrader said the correct way to stop viruses is at key points on the network--at the wireless gateway, for example. Such a solution would also save handheld users from having to place memory-hungry antivirus tools on their cellular phones. *-------------------------------------------------* "Communications without intelligence is noise; Intelligence without communications is irrelevant." Gen. Alfred. M. Gray, USMC --------------------------------------------------- C4I Secure Solutions http://www.c4i.org *-------------------------------------------------* ISN is sponsored by SecurityFocus.com --- To unsubscribe email LISTSERV () SecurityFocus com with a message body of "SIGNOFF ISN".
Current thread:
- New email virus spams mobile phone users William Knowles (Jun 06)